X-Git-Url: https://git.openssl.org/?p=openssl.git;a=blobdiff_plain;f=fips%2Frand%2Ffips_rand_lib.c;h=a606d31fbdfe39f41433a98759dff2fd176bc5b8;hp=cc8d7179b6cebae060433704c3c3326951e61f32;hb=1d55dd86dd00f13384be8cd91bfbbad3a515c337;hpb=38f90d06d7152e51c6f3e56efbd8defd9f951724;ds=sidebyside

diff --git a/fips/rand/fips_rand_lib.c b/fips/rand/fips_rand_lib.c
index cc8d7179b6..a606d31fbd 100644
--- a/fips/rand/fips_rand_lib.c
+++ b/fips/rand/fips_rand_lib.c
@@ -62,25 +62,42 @@
 
 static const RAND_METHOD *fips_rand_meth = NULL;
 static int fips_approved_rand_meth = 0;
+static int fips_rand_bits = 0;
 
-int FIPS_rand_set_method(const RAND_METHOD *meth)
+/* Allows application to override number of bits and uses non-FIPS methods */
+void FIPS_rand_set_bits(int nbits)
 	{
-	if (meth == FIPS_drbg_method())
-		fips_approved_rand_meth = 1;
-	else if (meth == FIPS_x931_method())
-		fips_approved_rand_meth = 2;
-	else
-		fips_approved_rand_meth = 0;
+	fips_rand_bits = nbits;
+	}
 
-	if (!fips_approved_rand_meth && FIPS_module_mode())
+int FIPS_rand_set_method(const RAND_METHOD *meth)
+	{
+	if (!fips_rand_bits)
 		{
-		FIPSerr(FIPS_F_FIPS_RAND_SET_METHOD, FIPS_R_NON_FIPS_METHOD);
-		return 0;
+		if (meth == FIPS_drbg_method())
+			fips_approved_rand_meth = 1;
+		else if (meth == FIPS_x931_method())
+			fips_approved_rand_meth = 2;
+		else
+			{
+			fips_approved_rand_meth = 0;
+			if (FIPS_module_mode())
+				{
+				FIPSerr(FIPS_F_FIPS_RAND_SET_METHOD,
+						FIPS_R_NON_FIPS_METHOD);
+				return 0;
+				}
+			}
 		}
 	fips_rand_meth = meth;
 	return 1;
 	}
 
+const RAND_METHOD *FIPS_rand_get_method(void)
+	{
+	return fips_rand_meth;
+	}
+
 void FIPS_rand_seed(const void *buf, int num)
 	{
 	if (!fips_approved_rand_meth && FIPS_module_mode())
@@ -147,6 +164,8 @@ int FIPS_rand_status(void)
 
 int FIPS_rand_strength(void)
 	{
+	if (fips_rand_bits)
+		return fips_rand_bits;
 	if (fips_approved_rand_meth == 1)
 		return FIPS_drbg_get_strength(FIPS_get_default_drbg());
 	else if (fips_approved_rand_meth == 2)